Rails + Devise: When a user tries to sign in before confirming with the confirmation email, no error notice appears?

StackOverflow https://stackoverflow.com/questions/19457438

Question

So I have a Rails app with Devise set up. I have :confirmable set up in my Users table, and sending confirmation emails works perfectly.

However, I'm running into a small issue with unconfirmed users trying to sign in.

When an invalid email/password combination are input into the login, I get a flash notice that says "Invalid email or password.". However, if an unconfirmed user signs in correctly, they are redirected back to /users/sign_in, but there is no flash message for "You have to confirm your account before continuing.", which is defined in /config/locales/devise.en.yml.

I have overridden thses methods:

RegistrationsController) :new, :create

SessionsController) :create

ConfirmationsController) :after_confirmation_path_for

What exactly does Devise do when an unconfirmed user signs in with the correct credentials? I tried putting a binding.pry statement at the top of my sessions#create method, but it never hits it, meaning Devise must have some sort of outside check for this. I've attempted to look at the source code to no avail.

This is what the log states is happening:

Started POST "/users/sign_in" for 127.0.0.1 at 2013-10-18 15:04:26 -0400
Processing by SessionsController#create as HTML
  Parameters: {"utf8"=>"✓", "authenticity_token"=>"03kQgiMGyXcq/nW8jlVyGkGDw1Q9lpP+JZ03e+LZHPU=", "user"=>{"email"=>"dummy@example.com", "password"=>"[FILTERED]"}, "commit"=>"Login"}
  [1m[35mUser Load (0.7ms)[0m  SELECT `users`.* FROM `users` WHERE `users`.`email` = 'dummy@example.com' LIMIT 1
  [1m[36m (0.2ms)[0m  [1mBEGIN[0m
  [1m[35m (0.1ms)[0m  COMMIT
Completed 401 Unauthorized in 90ms


Started GET "/users/sign_in" for 127.0.0.1 at 2013-10-18 15:04:27 -0400
Processing by SessionsController#new as HTML
  Rendered devise/shared/_links.haml (0.6ms)
  Rendered devise/sessions/new.html.haml within layouts/application (5.0ms)
  Rendered layouts/_header.html.haml (0.9ms)
  Rendered layouts/_navigation.html.haml (0.6ms)
  Rendered layouts/_footer.html.haml (0.9ms)
Completed 200 OK in 33ms (Views: 28.0ms | ActiveRecord: 0.0ms)

So it does look like the sessions#create method is being hit. So I'm not sure where to go from here. Any help would be appreciated!

config/routes.rb

 devise_for :users, :controllers => {
    :registrations => "registrations", 
    :sessions => "sessions", 
    :confirmations => "confirmations"}
Was it helpful?

Solution

Figured it out. When something in devise calls one of the message under :failures, it doesn't put the message in flash[:notice], it puts the message in flash[:alert], so I just needed to add

#alert= alert

to my haml.

Source: Always getting 401 Unauthorized with new install of Rails + Devise

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top